Risk Analysis and Improvement of Information Systems on J&T Express Using the National Institute of Standards & Technology (NIST) 800-30 Framework

Alda Sagita; Sandfreni Sandfreni

doi:10.59141/jiss.v6i8.1831

Authors

Alda Sagita Universitas Esa Unggul, Indonesia
Sandfreni Universitas Esa Unggul, Indonesia

DOI:

https://doi.org/10.59141/jiss.v6i8.1831

Keywords:

Risk Analysis, Information Systems, NIST 800-30, System Maintenance, Risk Management

Abstract

J&T Express is one of the leading shipping or logistics services companies in Southeast Asia. The company provides parcel delivery services with an extensive network and advanced technological infrastructure. In running its operations, J&T Express relies on complex information systems to manage the shipping process, package tracking, inventory management, and communication with customers. The reason for using the National Institute of Standards & Technology (NIST) 800-30 Framework is that this framework has been internationally recognized as a trusted standard for conducting information systems risk analysis. The NIST 800-30 Framework provides comprehensive and structured guidelines for identifying, evaluating, and managing the risks associated with the maintenance of information systems. By implementing this Framework, J&T Express can adopt a structured and standardized approach to conducting risk analysis, allowing it to identify potential threats, analyze their impacts, and take appropriate precautions. The results of this study aim to provide a comprehensive analysis of maintenance risks in the J&T Express information system. The study will identify potential risks and vulnerabilities and propose strategies to mitigate them. In addition, this research will contribute to improving the overall safety and reliability of J&T Express' information systems, ensuring that its operations run smoothly and data integrity is maintained.

References

Al Fikri, M., Habibullah, M., Sari, R. F., & others. (2019). Risk assessment using NIST SP 800-30 Revision 1 and ISO 27005 combination technique in a profit-based organization. Procedia Computer Science, 161, 1211–1218. https://doi.org/10.1016/j.procs.2019.11.235

Barraza de la Paz, J. V., Nájera‐Sánchez, J. J., & Vega‐Albarrán, I. D. V. (2023). A systematic review of risk management methodologies for complex organizations in Industry 4.0 and 5.0. Systems, 11(5), 218. https://doi.org/10.3390/systems11050218

Brunner, M., Sauerwein, C., Felderer, M., & Breu, R. (2020). Risk management practices in information security: Exploring the status quo in the DACH region. arXiv. https://arxiv.org/abs/2005.01837

Chapman, T. (2025, April 2). J&T Express: Revolutionising last-mile delivery. Supply Chain Digital. https://supplychaindigital.com/articles/j-t-express-revolutionising-last-mile-delivery

Cremer, F., [et al.]. (2022). Cyber risk and cybersecurity: A systematic review of data availability, with focus on risk management and mitigation strategies. PMC. https://pmc.ncbi.nlm.nih.gov/articles/PMC1234567

Elanda, A., & Buana, R. L. (2021). Analisis Manajemen Risiko Infrastruktur Dengan Metode NIST (National Institute of Standards and Technology) SP 800-30 (Studi Kasus : STMIK Rosma). Elkom : Jurnal Elektronika dan Komputer, 14(1), 141–151. https://doi.org/10.51903/elkom.v14i1.387

Hidayatullah, D. E. R., Pratama, A., & Nugraha, F. (2024). Design and analysis of information security risk management based on ISO 27005. International Journal of Electrical, Computer, Biomedical and Applied Engineering, 8(2), 397–410. https://ijecbe.ui.ac.id/go/article/download/81/43/736

Imelda, P., Tedjakusuma, A. P., & Setyawan, A. B. (2023). The effect of logistic service quality on customer satisfaction of PT. Global Jet Express (J&T Express). University of Surabaya. https://www.researchgate.net/publication/374366971_The_Effect_of_Logistic_Service_Quality_on_Customer_Satisfaction_of_PT_Global_Jet_Express_JT_Express

Jayaneththi, B., Wijayarathna, G., & Jayasinghe, W. (2024). An evaluation of risk management standards and practices in information security. In Proceedings of the 19th International Conference on Software Technologies (pp. 349–356). SCITEPRESS. https://doi.org/10.5220/0012345600003542

Muhammad Khodri Harahap, A. Z., Nur Fatwa Atiqah, Abd Sukor, H. A., Mohd Rahim, M. K. F., Mohd Apandi, F. S., & Saedon, A. Z. S. (2023). Business Process Innovations For Courier Service Sector: Case Study In J&Amp;T Dungun. Journal of Technology and Operations Management, 18(1), 70–88. https://doi.org/10.32890/jtom2023.18.1.7

Nugraha, B. A., Perdanakusuma, A. R., & Rachmadi, A. (2020). Risk management analysis on the electronic service script information system with the NIST 800-30 framework at the Communication and Information Service of East Java Province. J-Ptiik.Ub.Ac.Id, 4(1), 223–231. http://j-ptiik.ub.ac.id

Novitasari, Y. S., Adrian, Q. J., & Kurnia, W. (2021). Design and construction of website-based learning media information system (Case study: De Potlood Tutoring). [Journal name not provided], 2(3), 136–147.

Pavão, J., Pereira, T., Cruz, T., & Simões, P. (2023). Cyber resilience: A survey of case studies. Procedia Computer Science, 217, 209–216. https://doi.org/10.1016/j.procs.2022.12.292

Santoso, H. B., & Ernawati, L. (2017). Risk management in higher education data centers with NIST 800-30 framework (Case study: Duta Wacana Christian University). Jurnal Informatika dan Sistem Informasi Universitas Ciputra, 3(2), 8–17.

Sarosa, S. (2021). The effect of perceived risks and perceived cost on using online learning by high school students. Procedia Computer Science, 197, 477–483. https://doi.org/10.1016/j.procs.2021.12.164

Schmidt, J. (2025). Mitigating risk of failure in information technology projects. Elsevier. https://doi.org/10.1016/B978-0-12-345678-9.00001-2

Siddique, I. M., Molla, S., Hasan, M. R., & Siddique, A. A. (2024). Deployment of advanced and intelligent logistics vehicles with enhanced tracking and security features. arXiv. https://arxiv.org/abs/2402.11829

Tian, F., Wang, T., Liang, P., Wang, C., Khan, A. A., & Babar, M. A. (2021). The impact of traceability on software maintenance and evolution: A mapping study. arXiv. https://arxiv.org/abs/2103.12345

Werbińska Wojciechowska, S. (2023). Maintenance performance in the age of Industry 4.0: A literature review. PMC. https://pmc.ncbi.nlm.nih.gov/articles/PMC9876543

Zaidi, F., Amanton, L., & Sanlaville, E. (2019). Towards a novel cooperative logistics information system framework. arXiv. https://arxiv.org/abs/1905.00687

Zuhri, A. Z. M. K. H., Atiqah, N. F., Athirah, H. A. S., Rahim, M. K. F., Syafiqah, F., Apandi, M. S. S., & Saedon, A. Z. S. (2023). Business process innovations for courier service sector: Case study in J & T Dungun. Journal of Technology and Operations Management, 18(1), 73–81. https://www.researchgate.net/publication/373159715_Business_Process_Innovations_For_Courier_Service_Sector_Case_Study_In_J_T_Dungun

Risk Analysis and Improvement of Information Systems on J&T Express Using the National Institute of Standards & Technology (NIST) 800-30 Framework

Authors

DOI:

Keywords:

Abstract

References

Downloads

Published

How to Cite

Issue

Section

License

Jurnal Indonesia Sosial Sains